Package dev.dsf.fhir.authorization

Class AbstractAuthorizationRule<R extends org.hl7.fhir.r4.model.Resource,D extends ResourceDao<R>>

java.lang.Object
dev.dsf.fhir.authorization.AbstractAuthorizationRule<R,D>
All Implemented Interfaces:
AuthorizationRule<R>, org.springframework.beans.factory.InitializingBean
Direct Known Subclasses:
AbstractMetaTagAuthorizationRule, QuestionnaireResponseAuthorizationRule, TaskAuthorizationRule
public abstract class AbstractAuthorizationRule<R extends org.hl7.fhir.r4.model.Resource,D extends ResourceDao<R>> extends Object implements AuthorizationRule<R>, org.springframework.beans.factory.InitializingBean

  • Field Details

    • ORGANIZATION_IDENTIFIER_SYSTEM

      protected static final String ORGANIZATION_IDENTIFIER_SYSTEM
      See Also:

    • resourceType

      protected final Class<R extends org.hl7.fhir.r4.model.Resource> resourceType

    • daoProvider

      protected final DaoProvider daoProvider

    • serverBase

      protected final String serverBase

    • referenceResolver

      protected final ReferenceResolver referenceResolver

    • organizationProvider

      protected final OrganizationProvider organizationProvider

    • readAccessHelper

      protected final ReadAccessHelper readAccessHelper

    • parameterConverter

      protected final ParameterConverter parameterConverter

  • Constructor Details

  • Method Details

    • afterPropertiesSet

      public void afterPropertiesSet() throws Exception
      Specified by:
      afterPropertiesSet in interface org.springframework.beans.factory.InitializingBean
      Throws:
      Exception

    • getResourceType

      public Class<R> getResourceType()
      Specified by:
      getResourceType in interface AuthorizationRule<R extends org.hl7.fhir.r4.model.Resource>

    • getResourceTypeName

      protected String getResourceTypeName()

    • getDao

      protected final D getDao()

    • reasonCreateAllowed

      public final Optional<String> reasonCreateAllowed(Identity identity, R newResource)
      Description copied from interface: AuthorizationRule
      Override this method for non default behavior. Default: Not allowed.
      Specified by:
      reasonCreateAllowed in interface AuthorizationRule<R extends org.hl7.fhir.r4.model.Resource>
      Parameters:
      identity - not null
      newResource - not null
      Returns:
      Reason as String in Optional.of(Object) if create allowed

    • reasonReadAllowed

      public final Optional<String> reasonReadAllowed(Identity identity, R existingResource)
      Description copied from interface: AuthorizationRule
      Override this method for non default behavior. Default: Not allowed.
      Specified by:
      reasonReadAllowed in interface AuthorizationRule<R extends org.hl7.fhir.r4.model.Resource>
      Parameters:
      identity - not null
      existingResource - not null
      Returns:
      Reason as String in Optional.of(Object) if read allowed

    • getAffiliations

      protected List<org.hl7.fhir.r4.model.OrganizationAffiliation> getAffiliations(Connection connection, String organizationIdentifierValue)

    • reasonUpdateAllowed

      public final Optional<String> reasonUpdateAllowed(Identity identity, R oldResource, R newResource)
      Description copied from interface: AuthorizationRule
      Override this method for non default behavior. Default: Not allowed.
      Specified by:
      reasonUpdateAllowed in interface AuthorizationRule<R extends org.hl7.fhir.r4.model.Resource>
      Parameters:
      identity - not null
      oldResource - not null
      newResource - not null
      Returns:
      Reason as String in Optional.of(Object) if update allowed

    • reasonDeleteAllowed

      public final Optional<String> reasonDeleteAllowed(Identity identity, R oldResource)
      Description copied from interface: AuthorizationRule
      Override this method for non default behavior. Default: Not allowed.
      Specified by:
      reasonDeleteAllowed in interface AuthorizationRule<R extends org.hl7.fhir.r4.model.Resource>
      Parameters:
      identity - not null
      oldResource - not null
      Returns:
      Reason as String in Optional.of(Object) if delete allowed

    • organizationWithIdentifierExists

      protected final boolean organizationWithIdentifierExists(Connection connection, org.hl7.fhir.r4.model.Identifier organizationIdentifier)

    • roleExists

      protected final boolean roleExists(Connection connection, org.hl7.fhir.r4.model.Coding coding)

    • isCurrentIdentityPartOfReferencedOrganizations

      protected final boolean isCurrentIdentityPartOfReferencedOrganizations(Connection connection, Identity identity, String referenceLocation, Collection<? extends org.hl7.fhir.r4.model.Reference> references)

    • isCurrentIdentityPartOfReferencedOrganizations

      protected final boolean isCurrentIdentityPartOfReferencedOrganizations(Connection connection, Identity identity, String referenceLocation, Stream<? extends org.hl7.fhir.r4.model.Reference> references)

    • isCurrentIdentityPartOfReferencedOrganization

      protected final boolean isCurrentIdentityPartOfReferencedOrganization(Connection connection, Identity identity, String referenceLocation, org.hl7.fhir.r4.model.Reference reference)

    • isLocalOrganization

      protected final boolean isLocalOrganization(org.hl7.fhir.r4.model.Organization organization)

    • createIfLiteralInternalOrLogicalReference

      @SafeVarargs protected final Optional<ResourceReference> createIfLiteralInternalOrLogicalReference(String referenceLocation, org.hl7.fhir.r4.model.Reference reference, Class<? extends org.hl7.fhir.r4.model.Resource>... referenceTypes)

    • resolveReference

      protected final Optional<org.hl7.fhir.r4.model.Resource> resolveReference(Connection connection, Identity identity, Optional<ResourceReference> reference)

    • reasonPermanentDeleteAllowed

      public Optional<String> reasonPermanentDeleteAllowed(Identity identity, R oldResource)
      Description copied from interface: AuthorizationRule
      Override this method for non default behavior. Default: Not allowed.
      Specified by:
      reasonPermanentDeleteAllowed in interface AuthorizationRule<R extends org.hl7.fhir.r4.model.Resource>
      Parameters:
      identity - not null
      oldResource - not null
      Returns:
      Reason as String in Optional.of(Object) if permanent delete allowed

    • reasonSearchAllowed

      public final Optional<String> reasonSearchAllowed(Identity identity)
      Description copied from interface: AuthorizationRule
      Override this method for non default behavior. Default: Not allowed.
      Specified by:
      reasonSearchAllowed in interface AuthorizationRule<R extends org.hl7.fhir.r4.model.Resource>
      Parameters:
      identity - not null
      Returns:
      Reason as String in Optional.of(Object) if delete allowed

    • reasonHistoryAllowed

      public final Optional<String> reasonHistoryAllowed(Identity identity)
      Description copied from interface: AuthorizationRule
      Override this method for non default behavior. Default: Not allowed.
      Specified by:
      reasonHistoryAllowed in interface AuthorizationRule<R extends org.hl7.fhir.r4.model.Resource>
      Parameters:
      identity - not null
      Returns:
      Reason as String in Optional.of(Object) if delete allowed

    • reasonPermanentDeleteAllowed

      public Optional<String> reasonPermanentDeleteAllowed(Connection connection, Identity identity, R oldResource)
      Description copied from interface: AuthorizationRule
      Override this method for non default behavior. Default: Not allowed.
      Specified by:
      reasonPermanentDeleteAllowed in interface AuthorizationRule<R extends org.hl7.fhir.r4.model.Resource>
      Parameters:
      connection - not null
      identity - not null
      oldResource - not null
      Returns:
      Reason as String in Optional.of(Object) if permanent delete allowed